d441abba20
The existing CRITICAL pattern in injection-patterns.mjs only fires when a comment body contains AGENT/AI/HIDDEN markers. Adversaries can drop the marker and still hide instructions inside <!-- ... --> for any agent that reads page source. This generalizes the comment scan: every comment body is HTML-entity-decoded and run through the full injection rule set. The existing keyword-restricted pattern still fires (defense-in-depth). Emits at the strongest tier with category html-comment-injection. +3 tests (65 → 68). Refs: Batch B Wave 4 / Step 11 / v7.2.0 |
||
|---|---|---|
| .. | ||
| fixtures | ||
| helpers | ||
| hooks | ||
| lib | ||
| scanners | ||